Author: ppenicka
Date: 2013-01-07 07:57:14 -0500 (Mon, 07 Jan 2013)
New Revision: 9037
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
Log:
BZ#886289 and BZ#886298 - Implemented changes requested by SME review. The OpenAM and
SPNEGO docs are now ready for docs QA.
Modified: epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml
===================================================================
--- epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml 2013-01-07 12:12:01
UTC (rev 9036)
+++ epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml 2013-01-07 12:57:14
UTC (rev 9037)
@@ -8,6 +8,20 @@
<simpara>
<revhistory>
<revision>
+ <revnumber>6.0.0-28</revnumber>
+ <date>Mon Jan 7 2013</date>
+ <author>
+ <firstname>Petr</firstname>
+ <surname>Penicka</surname>
+ <email/>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>BZ#886289 and BZ#886298 - Implemented changes requested by SME
review. The OpenAM and SPNEGO docs are now ready for docs QA.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
<revnumber>6.0.0-27</revnumber>
<date>Fri Jan 4 2013</date>
<author>
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2013-01-07
12:12:01 UTC (rev 9036)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2013-01-07
12:57:14 UTC (rev 9037)
@@ -1271,7 +1271,7 @@
<section
id="sect-Reference_Guide-SSO_Single_Sign_On_-OpenAM-OpenAMserversetup">
<title>OpenAM Server Setup</title>
<para>
- This section contains procedures that need to be followed to set up an OpenAM
server for authentication against JBoss Portal Platform. The authentication set up by
these procedures is ensured by the JBoss Portal Platform SSO Authentication Plugin. The
plugin will be installed in OpenAM and configured to to perform authentication against the
portal using a REST callback.
+ This section contains procedures that need to be followed to set up an OpenAM
server for authentication against JBoss Portal Platform. The authentication set up by
these procedures is ensured by the JBoss Portal Platform SSO Authentication Plugin. The
plugin will be installed in OpenAM and configured to perform authentication against the
portal using a REST callback.
<note>
<para>
Using the REST callback as presented in this section is not mandatory. You can
achieve authentication on the OpenAM side by any other means according to your
preference.
@@ -1640,9 +1640,9 @@
Uncomment the following lines:
</para>
<programlisting>
-default_tgs_enctypes = des3-hmac-sha1
-default_tkt_enctypes = des3-hmac-sha1
-permitted_enctypes = des3-hmac-sha1
+default_tgs_enctypes = rc4-hmac
+default_tkt_enctypes = rc4-hmac
+permitted_enctypes = rc4-hmac
</programlisting>
</listitem>
<listitem>
@@ -1671,9 +1671,9 @@
# caches containing ticket encryption types it doesn't know about (such as
# old versions of Sun Java).
- default_tgs_enctypes = des3-hmac-sha1
- default_tkt_enctypes = des3-hmac-sha1
- permitted_enctypes = des3-hmac-sha1
+ default_tgs_enctypes = rc4-hmac
+ default_tkt_enctypes = rc4-hmac
+ permitted_enctypes = rc4-hmac
# The following libdefaults parameters are only for Heimdal Kerberos.
v4_instance_resolve = false
@@ -1716,25 +1716,25 @@
</para>
<programlisting>
[kdcdefaults]
- kdc_ports = 750,88
+kdc_ports = 750,88
[realms]
LOCAL.NETWORK = {
- database_name = /home/gatein/krb5kdc/principal
- admin_keytab = FILE:/home/gatein/krb5kdc/kadm5.keytab
- acl_file = /home/gatein/krb5kdc/kadm5.acl
- key_stash_file = /home/gatein/krb5kdc/stash
+ database_name = /var/lib/krb5kdc/principal
+ admin_keytab = FILE:/etc/krb5.keytab
+ acl_file = /etc/krb5kdc/kadm5.acl
+ key_stash_file = /etc/krb5kdc/stash
kdc_ports = 750,88
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
- master_key_type = des3-hmac-sha1
- supported_enctypes = aes256-cts:normal arcfour-hmac:normal des3-hmac-sha1:normal
des-cbc-crc:normal des:normal des:v4 des:norealm des:onlyrealm des:afs3
+ master_key_type = rc4-hmac
+ supported_enctypes = rc4-hmac:normal
default_principal_flags = +preauth
}
[logging]
- kdc = FILE:/home/gatein/krb5logs/kdc.log
- admin_server = FILE:/home/gatein/krb5logs/kadmin.log
+ kdc = FILE:/tmp/kdc.log
+ admin_server = FILE:/tmp/kadmin.log
</programlisting>
</listitem>
<listitem>
Show replies by date